- From: Michael Wechner <michael.wechner@wyona.com>
- Date: Mon, 03 Jul 2006 16:48:54 +0200
- To: Manfred Baedke <manfred.baedke@greenbytes.de>
- CC: Julian Reschke <julian.reschke@gmx.de>, w3c-dist-auth@w3.org
Manfred Baedke wrote: > Hi Michael, > > what's really bad about programmatic clients and form based > authentication is the fact that the form comes with status code 200, > telling the client that everything is fine, and there is really no > realiable way for the client to tell wether the response body is the > intended content or a login form. Form based authentication, as it is > widely used nowadays, is broken by design. Don't use it. ok, but what is the alternative? BASIC and DIGEST also have issues ;-) Thanks Michi > > Regards, > Manfred > > > -- Michael Wechner Wyona - Open Source Content Management - Apache Lenya http://www.wyona.com http://lenya.apache.org michael.wechner@wyona.com michi@apache.org +41 44 272 91 61
Received on Monday, 3 July 2006 14:48:59 UTC